Allow Basic authentication - Client - AllowBasic

Information

This policy setting allows you to manage whether the Windows Remote Management (WinRM) client uses Basic authentication.
If you enable this policy setting, the WinRM client uses Basic authentication. If WinRM is configured to use HTTP transport, the user name and password are sent over the network as clear text.
If you disable or do not configure this policy setting, the WinRM client does not use Basic authentication.

Solution

Policy Path: Windows Components\Windows Remote Management (WinRM)\WinRM Client
Policy Setting Name: Allow Basic authentication

See Also

https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-final-windows-10-and-windows-server-version/ba-p/1543631

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-17(4), CSCv6|16.13

Plugin: Windows

Control ID: ff961296f327e543a40fb8970ae0686b12154be424d8a6f621edd3ea164f5575